diff options
| author | Florian Weimer <fweimer@redhat.com> | 2019-11-27 16:20:47 +0100 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2019-11-27 20:55:35 +0100 |
| commit | 79e0cd7b3c997e211fad44a81fd839dc5b2546e8 (patch) | |
| tree | 2de9e1bc730bae922d592fa1521aab4f9d65ef01 /elf/dl-close.c | |
| parent | 446997ff1433d33452b81dfa9e626b8dccf101a4 (diff) | |
| download | glibc-79e0cd7b3c997e211fad44a81fd839dc5b2546e8.tar.gz glibc-79e0cd7b3c997e211fad44a81fd839dc5b2546e8.tar.xz glibc-79e0cd7b3c997e211fad44a81fd839dc5b2546e8.zip | |
Lazy binding failures during dlopen/dlclose must be fatal [BZ #24304]
If a lazy binding failure happens during the execution of an ELF constructor or destructor, the dynamic loader catches the error and reports it using the dlerror mechanism. This is undesirable because there could be other constructors and destructors that need processing (which are skipped), and the process is in an inconsistent state at this point. Therefore, we have to issue a fatal dynamic loader error error and terminate the process. Note that the _dl_catch_exception in _dl_open is just an inner catch, to roll back some state locally. If called from dlopen, there is still an outer catch, which is why calling _dl_init via call_dl_init and a no-exception is required and cannot be avoiding by moving the _dl_init call directly into _dl_open. _dl_fini does not need changes because it does not install an error handler, so errors are already fatal there. Change-Id: I6b1addfe2e30f50a1781595f046f44173db9491a
Diffstat (limited to 'elf/dl-close.c')
| -rw-r--r-- | elf/dl-close.c | 46 |
1 files changed, 29 insertions, 17 deletions
diff --git a/elf/dl-close.c b/elf/dl-close.c index c32e6473ad..33486b9cbc 100644 --- a/elf/dl-close.c +++ b/elf/dl-close.c @@ -106,6 +106,30 @@ remove_slotinfo (size_t idx, struct dtv_slotinfo_list *listp, size_t disp, return false; } +/* Invoke dstructors for CLOSURE (a struct link_map *). Called with + exception handling temporarily disabled, to make errors fatal. */ +static void +call_destructors (void *closure) +{ + struct link_map *map = closure; + + if (map->l_info[DT_FINI_ARRAY] != NULL) + { + ElfW(Addr) *array = + (ElfW(Addr) *) (map->l_addr + + map->l_info[DT_FINI_ARRAY]->d_un.d_ptr); + unsigned int sz = (map->l_info[DT_FINI_ARRAYSZ]->d_un.d_val + / sizeof (ElfW(Addr))); + + while (sz-- > 0) + ((fini_t) array[sz]) (); + } + + /* Next try the old-style destructor. */ + if (map->l_info[DT_FINI] != NULL) + DL_CALL_DT_FINI (map, ((void *) map->l_addr + + map->l_info[DT_FINI]->d_un.d_ptr)); +} void _dl_close_worker (struct link_map *map, bool force) @@ -267,7 +291,8 @@ _dl_close_worker (struct link_map *map, bool force) && (imap->l_flags_1 & DF_1_NODELETE) == 0); /* Call its termination function. Do not do it for - half-cooked objects. */ + half-cooked objects. Temporarily disable exception + handling, so that errors are fatal. */ if (imap->l_init_called) { /* When debugging print a message first. */ @@ -276,22 +301,9 @@ _dl_close_worker (struct link_map *map, bool force) _dl_debug_printf ("\ncalling fini: %s [%lu]\n\n", imap->l_name, nsid); - if (imap->l_info[DT_FINI_ARRAY] != NULL) - { - ElfW(Addr) *array = - (ElfW(Addr) *) (imap->l_addr - + imap->l_info[DT_FINI_ARRAY]->d_un.d_ptr); - unsigned int sz = (imap->l_info[DT_FINI_ARRAYSZ]->d_un.d_val - / sizeof (ElfW(Addr))); - - while (sz-- > 0) - ((fini_t) array[sz]) (); - } - - /* Next try the old-style destructor. */ - if (imap->l_info[DT_FINI] != NULL) - DL_CALL_DT_FINI (imap, ((void *) imap->l_addr - + imap->l_info[DT_FINI]->d_un.d_ptr)); + if (imap->l_info[DT_FINI_ARRAY] != NULL + || imap->l_info[DT_FINI] != NULL) + _dl_catch_exception (NULL, call_destructors, imap); } #ifdef SHARED |